Netgear SRX5308 Specifications Page 220
- Page / 357
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Managing Users, Authentication, and Certificates
220
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
determines the network resources to which the associated users have access. The default
domain of the VPN firewall is named geardomain. You cannot delete the default domain.
The following table summarizes the authentication protocols and methods that the VPN
firewall supports:
To create a domain:
1. Select Users > Domains. The Domains screen displays. The following figure shows the
VPN firewall’s default domain—geardomain—and, as an example, several other
domains in the List of Domains table.
Table 55. Authentication protocols and methods
Authentication
protocol or method
Description
PAP Password Authentication Protocol (PAP) is a simple protocol in which the client sends a
password in clear text.
CHAP Challenge Handshake Authentication Protocol (CHAP) executes a three-way handshake
in which the client and server trade challenge messages, each responding with a hash of
the other’s challenge message that is calculated using a shared secret value.
RADIUS A network-validated PAP or CHAP password-based authentication method that functions
with Remote Authentication Dial In User Service (RADIUS).
MIAS A network-validated PAP or CHAP password-based authentication method that functions
with Microsoft Internet Authentication Service (MIAS), which is a component of Microsoft
Windows 2003 Server.
WiKID WiKID Systems is a PAP or CHAP key-based two-factor authentication method that
functions with public key cryptography. The client sends an encrypted PIN to the WiKID
server and receives a one-time pass code with a short expiration period. The client logs
in with the passcode. See Appendix D, Two-Factor Authentication for more on WiKID
authentication.
NT Domain A network-validated domain-based authentication method that functions with a Microsoft
Windows NT Domain authentication server. This authentication method has been
superseded by Microsoft Active Directory authentication but is supported to authenticate
legacy Windows clients.
Active Directory A network-validated domain-based authentication method that functions with a Microsoft
Active Directory authentication server. Microsoft Active Directory authentication servers
support a group and user structure. Because the Active Directory supports a multilevel
hierarchy (for example, groups or organizational units), this information can be queried to
provide specific group policies or bookmarks based on Active Directory attributes.
Note: A Microsoft Active Directory database uses an LDAP organization schema.
LDAP A network-validated domain-based authentication method that functions with a
Lightweight Directory Access Protocol (LDAP) authentication server. LDAP is a standard
for querying and updating a directory. Because LDAP supports a multilevel hierarchy (for
example, groups or organizational units), this information can be queried to provide
specific group policies or bookmarks based on LDAP attributes.
- ProSafe Gigabit Quad WAN 1
- SSL VPN Firewall SRX5308 1
- Technical Support 2
- Trademarks 2
- Statement of Conditions 2
- Revision History 2
- Contents 3
- Chapter 3 LAN Configuration 4
- Chapter 4 Firewall Protection 4
- Key Features and Capabilities 10
- Introduction 11
- Security Features 12
- Extensive Protocol Support 12
- Maintenance and Support 13
- Package Contents 14
- Hardware Features 14
- Figure 1 15
- Table 1. LED descriptions 15
- Rear Panel 16
- Figure 3 17
- Using the Rack-Mounting Kit 18
- Internet 19
- Log In to the VPN Firewall 20
- Figure 5 21
- Figure 6 22
- Figure 9 24
- Figure 10 25
- Figure 11 26
- Figure 12 27
- Figure 13 28
- Figure 14 29
- Figure 15 30
- Figure 16 31
- Table 5. DNS server settings 31
- Configure the WAN Mode 32
- Configure Classical Routing 33
- Configure Auto-Rollover Mode 34
- Figure 18 35
- Configure Load Balancing 37
- Figure 20 38
- Figure 21 39
- To edit a protocol binding: 40
- Configure Dynamic DNS 42
- To configure DDNS: 43
- Figure 23 44
- Figure 24 45
- Configure WAN QoS Profiles 46
- Figure 25 47
- Figure 26 48
- Figure 27 50
- To edit a QoS profile: 51
- To delete a QoS profile: 51
- Figure 28 52
- What to Do Next 54
- LAN Configuration 55
- Port-Based VLANs 56
- Figure 29 57
- VLAN DHCP Options 58
- Configure a VLAN Profile 59
- Figure 31 60
- To edit a VLAN profile: 64
- Figure 32 65
- Figure 33 66
- Manage the Network Database 68
- Figure 35 70
- Figure 36 71
- Set Up Address Reservation 72
- Figure 37 73
- Manage Routing 75
- Configure Static Routes 76
- Figure 40 78
- Static Route Example 80
- Administrator Tips 82
- Services-Based Rules 83
- Order of Precedence for Rules 90
- Set LAN WAN Rules 91
- Figure 42 92
- Figure 43 93
- Figure 44 94
- Set DMZ WAN Rules 95
- Figure 46 96
- Figure 47 97
- Set LAN DMZ Rules 98
- Figure 49 99
- Figure 50 100
- Inbound Rules Examples 101
- Figure 52 102
- Figure 53 103
- Firewall Protection 104
- Outbound Rules Example 105
- Attack Checks 106
- Figure 56 107
- Set Session Limits 109
- To enable ALG for SIP: 111
- Figure 58 111
- Add Customized Services 112
- To edit a service: 113
- Figure 60 113
- Create IP Groups 114
- Figure 62 115
- To edit an IP group: 115
- To delete an IP group: 115
- To create a QoS profile: 116
- Figure 63 117
- Figure 64 117
- Create Bandwidth Profiles 118
- Figure 65 119
- Figure 66 120
- To set a schedule: 121
- Figure 67 122
- Content Filtering 123
- Figure 68 125
- Enable Source MAC Filtering 126
- Figure 69 127
- Set Up IP/MAC Bindings 128
- Figure 70 129
- Configure Port Triggering 130
- Figure 71 131
- Figure 72 132
- Figure 73 133
- Virtual Private Networking 134
- Using IPSec Connections 134
- Configurations 136
- Figure 77 137
- Figure 78 138
- Figure 79 139
- Figure 80 140
- Figure 81 140
- Figure 82 141
- Figure 83 143
- Figure 84 144
- Figure 85 145
- Figure 86 145
- Figure 87 146
- Figure 88 146
- Figure 89 148
- Figure 90 149
- Figure 91 149
- Figure 92 150
- Figure 93 151
- Figure 94 153
- Figure 95 154
- Information 155
- Figure 97 156
- Figure 98 156
- Figure 99 156
- Figure 100 156
- Figure 101 157
- Figure 102 157
- To view the IPSec VPN logs: 158
- Logs screen in view.: 158
- Manage IPSec VPN Policies 159
- IKE Policies Screen 160
- Figure 105 161
- Configure VPN Policies 165
- VPN Policies Screen 166
- To manually add a VPN policy: 168
- Figure 106 on page 166) 168
- To edit a VPN policy: 172
- User Database Configuration 174
- RADIUS Client Configuration 174
- Figure 108 175
- Mode Config Operation 176
- Figure 109 177
- Figure 110 178
- Figure 111 180
- Operation 183
- Figure 112 184
- Figure 114 185
- Figure 113 185
- Figure 115 186
- Figure 116 188
- Figure 117 189
- Figure 118 190
- Figure 119 190
- Figure 120 191
- Configure Keep-alives 192
- Configure Dead Peer Detection 193
- Figure 123 195
- Using SSL Connections 196
- Create the Portal Layout 198
- Figure 124 199
- Figure 125 200
- To edit a portal layout: 201
- Add Servers and Port Numbers 202
- Figure 126 203
- Add a New Host Name 204
- Configure the SSL VPN Client 205
- Figure 127 206
- VPN tunnel clients 207
- Setting Description 207
- Add New Network Resources 208
- To edit a resource: 209
- Figure 129 209
- View Policies 211
- Add a Policy 212
- Figure 131 213
- To edit an SSL VPN policy: 216
- Figure 132 217
- Figure 133 217
- Figure 134 218
- To view the SSL VPN Logs: 218
- Figure 135 218
- Certificates 219
- To create a domain: 220
- Figure 136 221
- Figure 137 221
- Edit Domains 223
- Create and Delete Groups 224
- Figure 138 225
- Edit Groups 226
- Configure User Accounts 227
- Figure 141 228
- Set User Login Policies 229
- Figure 143 230
- Figure 144 232
- To modify user settings: 233
- Figure 145 233
- Manage Digital Certificates 234
- Certificates Screen 235
- Manage CA Certificates 236
- Figure 147 237
- Figure 149 239
- To delete one or more SCRs: 240
- To delete one or more CRLs: 241
- Network and System Management 242
- Features That Reduce Traffic 243
- Source MAC Filtering 245
- Port Triggering 246
- DMZ Port 247
- Exposed Hosts 247
- VPN Tunnels 247
- Assign QoS Profiles 247
- System Management 248
- Figure 151 249
- Figure 152 249
- Figure 153 251
- Manage the SNMP Configuration 254
- Figure 155 255
- Manage the Configuration File 256
- Back Up Settings 257
- Restore Settings 258
- Figure 158 260
- Monitoring System Access and 263
- Performance 263
- Figure 159 264
- Enable the LAN Traffic Meter 266
- Figure 161 267
- Figure 162 267
- Figure 163 269
- Figure 164 270
- View Status and Log Screens 274
- View the Router Status Screen 275
- Figure 166 276
- Figure 167 277
- View the VLAN Status 280
- Figure 168 281
- Figure 169 282
- Figure 170 282
- View the VPN Logs 283
- To view the SSL VPN log: 284
- Figure 174 285
- Figure 175 286
- View Attached Devices 287
- View the DHCP Log 288
- Use the Diagnostics Utilities 289
- Look Up a DNS Address 290
- Display the Routing Table 290
- Reboot the VPN Firewall 291
- Capture Packets 291
- Figure 180 292
- Basic Functioning 294
- LAN or WAN Port LEDs Not On 295
- Problems with Date and Time 300
- Specifications 302
- Inbound Traffic 311
- Figure 185 312
- Figure 186 312
- Virtual Private Networks 313
- Figure 188. f 314
- Figure 189 314
- Figure 190 315
- Figure 191 315
- VPN Gateway-to-Gateway 316
- Figure 194 317
- Figure 195 317
- Figure 196 318
- Figure 197 318
- Figure 198 319
- Figure 199 320
- Figure 200 320
- Figure 201 321
- Table 81. Log message terms 322
- System Log Messages 323
- Login/Logout 324
- System Startup 324
- Firewall Restart 325
- IPSec Restart 325
- WAN Status 326
- Auto-Rollover 327
- PPP Logs 328
- • PPTP Idle Timeout Logs 329
- Resolved DNS Names 330
- VPN Log Messages 330
- SSL VPN Logs 335
- Routing Logs 336
- LAN to DMZ Logs 337
- DMZ to WAN Logs 337
- WAN to LAN Logs 337
- DMZ to LAN Logs 337
- Other Event Logs 338
- DHCP Logs 339
- Two-Factor Authentication 341
- Figure 202 343
- Figure 203 343
- Figure 204 344
- Notification of Compliance 345
- Numerics 347
© 2020, manymanuals.com. All rights reserved. | 0.346 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals